bug in group permission check
Steffen
skdovecot at smail.inf.fh-brs.de
Sun Jul 19 20:35:47 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
krzf83 at gmail.com wrote:
> Jul 19 01:05:27 sv1 dovecot: auth: Error:
> passwd-file(aa at ddd,89...24,<>):
> stat(/usr/dovecot-cfg/dom-home/ddd/etc/ddd/shadow) failed:
> Permission denied (euid=33454(dovecot) egid=33454(dovecot) missing
> +x perm: /usr/dovecot-cfg/dom-home/ddd, we're not in group
> 33795(sysgroup), dir owned by 32072:33795 mode=0710)
>
> root at sv1 [~]# sudo -u dovecot groups dovecot sysgroup
:-) You probably didn't read for what this user is used:
http://wiki2.dovecot.org/UserIds
See Authentication process user
Do you run SELinux?
>
> root at sv1 [~]# sudo -u dovecot cat
> /usr/dovecot-cfg/dom-home/ddd/etc/ddd/shadow <prints content of the
> file>
>
> It seems that dovecot incorecly checks for group permissions not
> even trying to access file - probably cant handle that dovecot is
> part of more than 1 group. When its part of single group problem is
> not occuring.
>
- --
Steffen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
iQEVAwUBVawKI3z1H7kL/d9rAQIbAQgAthF1D2WS6Q8g3/sgkURG9KWoqCKlmcC2
M3oaKupQb9qniu6IaN7j44jhEgHx9sz8sVI0OYAPI6lIGZH/jBGXCE0CRg0ydGpJ
ORJbmKbsZwxpA5R7tE/B0z9Aji1DNI89Em4MxaBZxtWApxwNtrVYfGWHgQotuzKp
J5wTKSm9L06lcy6XU08VUzDzd12ch+zznqhf44EpbjEO9gfMkpMX9i6oRGaMc+pu
e7pbbM51G3+fEZ3YaueQjvcjIcteb8COisI0bHvTeX8wd6Z7X6nmGpcQWcpp85xA
1pD9XtohxNrWERDJ7MmkpToNLJ7F27KgncW9Mha8T8u5LUeT2GNeDg==
=gdG6
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list